Table of Contents
Advertisement
JUNOSe 11.1.x Broadband Access Configuration Guide
option (option 82). You can use the radius remote-circuit-id-format command to
configure the following nondefault formats for the PPPoE remote circuit ID value:
For information about configuring the PPPoE remote circuit ID, see the Using the
PPPoE Remote Circuit ID to Identify Subscribers and Configuring PPPoE Remote Circuit
ID Capture sections in JUNOSe Link Layer Configuration Guide .
Using the Giaddr to Identify the Primary Interface for Dynamic Subscriber Interfaces
When creating dynamic subscriber interfaces, the router builds the dynamic interfaces
on the associated primary interface. By default, the router identifies the primary
interface based on the interface on which DHCP client discover packets are received.
The router then builds all dynamic interfaces on that primary interface.
In some cases you might want more control over the determination of the primary
interface and you might not want to use the primary interface that is determined by
the default behavior. The JUNOSe software enables you to configure DHCP relay to
use information in the giaddr in DHCP ACK messages to specify which interface is
to be used as the primary interface. This capability allows you to build dynamic
interfaces on the primary interface of your choice.
Configuring Layer 2 Unicast Transmission Method for Reply Packets to DHCP Clients
By default, DHCP relay and relay proxy broadcast DHCP Offer reply packets and
DHCP ACK and NAK reply packets to DHCP clients during the discovery process. In
some environments, this default broadcast method might be a security concern
because all clients can receive packets intended for all other clients.
You use the set dhcp relay layer2-unicast-replies command in Global Configuration
mode to configure the optional layer 2 unicast and layer 3 broadcast transmission
method for DHCP relay and DHCP relay proxy. This method uses the client's layer
2 (MAC) address and layer 3 (IP) broadcast address to provide secure transmission
of DHCP Offer reply packets and ACK and NAK reply packets. The optional layer 2
unicast method enables reply packets to be broadcast through the layer 3 network
but received only by the specified client.
There are exceptions to this behavior for DHCP relay proxy when the DHCP client
is already bound to an IP address or is renewing the lease on its IP address. For
information, see "Behavior for Bound Clients and Address Renewals" on page 520.
502
Configuring DHCP Relay and BOOTP Relay
Include either or both of the agent-circuit-id (suboption 1) and agent-remote-id
(suboption 2) suboptions of the DHCP relay agent information option, with or
without the NAS-Identifier [32] RADIUS attribute.
Append the agent-circuit-id suboption value to an interface specifier that is
consistent with the recommended format in the DSL Forum Technical Report
(TR)-101 Migration to Ethernet-Based DSL Aggregation (April 2006).
To use information in the giaddr to identify the primary interface for dynamic
subscriber interfaces:
host1(config)#set dhcp relay giaddr-selects-interface
Advertisement
Table of Contents
Troubleshooting
